New Year 2026 Wishes: Mumbaikars, Think Before You Open 'APK File' Greetings On WhatsApp; GRP Warns Of New Scam

Mumbai: Ahead of New Year celebrations, the Government Railway Police (GRP) in Mumbai have issued a public advisory warning citizens about a surge in fake New Year greeting links circulating on WhatsApp. Police cautioned that clicking on such malicious links could lead to theft of personal data, financial fraud and unauthorised access to banking applications.

According to officials, cybercriminals are luring users with messages claiming to offer personalised New Year greeting cards, festive videos or digital gifts. These messages prompt recipients to click on a link or download an attachment to view the content. In several cases, the attachment turns out to be a harmful APK file, which, once installed, can silently infect the mobile phone with spyware or malware.

Details On Fresh 'New Year Greetings' Scam

Police said a viral New Year scam is spreading rapidly on WhatsApp, where even a seemingly harmless “Happy New Year” greeting can result in malware being downloaded and money being siphoned off within hours. Cyber experts have warned that a single click may be enough to give scammers access to a user’s phone data and banking apps.

Explaining the modus operandi, officials said the scam often begins with a message from an unknown number or even from a hacked contact. Users are asked to download and install a file to view a special New Year greeting. Once the APK file is installed, trojan software runs in the background without the user’s knowledge, compromising the device.

Victims have reported abnormal phone behaviour shortly after installation, including apps opening automatically and unauthorised access to messages and contacts. In serious cases, fraudsters have allegedly used UPI apps or bank accounts to carry out unauthorised transactions. Cyber experts say such malware can provide remote access to the phone, allowing scammers to control it from a distance.

What Is An APK File?

An APK, or Android Package Kit, is a file format used to install apps on Android devices. While legitimate apps are downloaded through the Google Play Store, APK files received via messages or unknown links involve “sideloading,” which can be risky. Authorities warned that such files may contain malware designed to steal sensitive information or money.

The GRP advised citizens to be cautious of WhatsApp messages that create urgency or excitement, offer gifts or rewards, contain spelling errors, come from unfamiliar senders or ask for OTPs, PINs or bank details. Officials stressed that genuine organisations never seek sensitive information through messaging apps.

With digital fraud cases on the rise, police said awareness remains the strongest defence. Citizens have been urged not to download files from unknown sources or install APK files received via messages, and to remain vigilant online to avoid falling victim to cyber scams during the festive season.

To get details on exclusive and budget-friendly property deals in Mumbai & surrounding regions, do visit: https://budgetproperties.in/